[git] GnuPG - branch, master, updated. gnupg-2.1.0-beta834-6-gbc2f5c1
by Werner Koch
cvs at cvs.gnupg.org
Mon Sep 22 08:57:20 CEST 2014
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".
The branch, master has been updated
via bc2f5c1d1afbe8ba413e594639fd05f19df32f75 (commit)
via a4205d5ed0371e8a7954342658bd63c1924601e3 (commit)
from 1d33d03f0bb576601f5eef1a548cbc519f251b17 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit bc2f5c1d1afbe8ba413e594639fd05f19df32f75
Author: Werner Koch <wk at gnupg.org>
Date: Thu Sep 18 16:00:34 2014 +0200
gpg: Create default keyring with .kbx suffix.
* g10/keydb.c (maybe_create_keyring_or_box): Rename arg for clarity.
(keydb_add_resource): Fix order of args to maybe_create_keyring_or_box
and check and create .kbx.
diff --git a/g10/keydb.c b/g10/keydb.c
index e735b4a..178456a 100644
--- a/g10/keydb.c
+++ b/g10/keydb.c
@@ -110,11 +110,13 @@ keyblock_cache_clear (void)
/* Handle the creation of a keyring or a keybox if it does not yet
- exist. Take into acount that other processes might have the
+ exist. Take into account that other processes might have the
keyring/keybox already locked. This lock check does not work if
- the directory itself is not yet available. */
+ the directory itself is not yet available. If is IS_BOX is true
+ the filename is expected to be a keybox. If FORCE_CREATE is true
+ the keyring or keybox shall be created. */
static int
-maybe_create_keyring_or_box (char *filename, int is_box, int force)
+maybe_create_keyring_or_box (char *filename, int is_box, int force_create)
{
dotlock_t lockhd = NULL;
IOBUF iobuf;
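Review bot: The new comment sentence reads "If is IS_BOX is true", which has a stray "is"; it should read `If IS_BOX is true the filename is expected to be a keybox.` The reworded comment in the next hunk likewise ends in "directory name pattern", where the earlier plural "patterns" was correct. IS_BOX and FORCE_CREATE are adjacent `int` flags that this same commit had to un-swap at the call sites, so the comment would be a good place to state the expected values for each. The function body continues outside the hunk.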
@@ -129,14 +131,14 @@ maybe_create_keyring_or_box (char *filename, int is_box, int force)
/* If we don't want to create a new file at all, there is no need to
go any further - bail out right here. */
- if (!force)
+ if (!force_create)
return gpg_error (GPG_ERR_ENOENT);
/* First of all we try to create the home directory. Note, that we
don't do any locking here because any sane application of gpg
would create the home directory by itself and not rely on gpg's
- tricky auto-creation which is anyway only done for some home
- directory name patterns. */
+ tricky auto-creation which is anyway only done for certain home
+ directory name pattern. */
last_slash_in_filename = strrchr (filename, DIRSEP_C);
#if HAVE_W32_SYSTEM
{
@@ -184,8 +186,8 @@ maybe_create_keyring_or_box (char *filename, int is_box, int force)
log_info ("can't allocate lock for '%s': %s\n",
filename, gpg_strerror (rc));
- if (!force)
- return gpg_error (GPG_ERR_ENOENT);
+ if (!force_create)
+ return gpg_error (GPG_ERR_ENOENT); /* Won't happen. */
else
return rc;
}
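Review bot: The `if (!force_create)` branch marked `/* Won't happen. */` looks unreachable, because the function already returns GPG_ERR_ENOENT for `!force_create` in the earlier guard. Keeping it leaves a dead branch in the lock-allocation failure path that every reader has to reason about. If nothing between the two points modifies `force_create` (the intervening lines are outside this hunk), the tail can be reduced to `return rc;`. The enclosing block starts outside the hunk.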
@@ -289,6 +291,7 @@ keydb_add_resource (const char *url, unsigned int flags)
char *filename = NULL;
int create;
int read_only = !!(flags&KEYDB_RESOURCE_FLAG_READONLY);
+ int is_default = !!(flags&KEYDB_RESOURCE_FLAG_DEFAULT);
int rc = 0;
KeydbResourceType rt = KEYDB_RESOURCE_TYPE_NONE;
void *token;
@@ -334,8 +337,13 @@ keydb_add_resource (const char *url, unsigned int flags)
/* See whether we can determine the filetype. */
if (rt == KEYDB_RESOURCE_TYPE_NONE)
{
- FILE *fp = fopen (filename, "rb");
+ FILE *fp;
+ int pass = 0;
+ size_t filenamelen;
+ check_again:
+ filenamelen = strlen (filename);
+ fp = fopen (filename, "rb");
if (fp)
{
u32 magic;
@@ -357,6 +365,20 @@ keydb_add_resource (const char *url, unsigned int flags)
fclose (fp);
}
+ else if (!pass
+ && is_default && create
+ && filenamelen > 4 && !strcmp (filename+filenamelen-4, ".gpg"))
+ {
+ /* The file does not exist, the default resource has been
+ requested, the file shall be created, and the file has a
+ ".gpg" suffix. Change the suffix to ".kbx" and try once
+ more. This way we achieve that we open an existing
+ ".gpg" keyring, but create a new keybox file with an
+ ".kbx" suffix. */
+ strcpy (filename+filenamelen-4, ".kbx");
+ pass++;
+ goto check_again;
+ }
else /* No file yet: create keybox. */
rt = KEYDB_RESOURCE_TYPE_KEYBOX;
}
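Review bot: The new `else if` branch treats every `fopen` failure as "the file does not exist", although its own comment names non-existence as the precondition. If the default `.gpg` keyring exists but cannot be opened (for example because of a permission error), the name would be rewritten to `.kbx` and an empty keybox created later, so the existing keys silently drop out of view. Consider making the condition explicit by adding `errno == ENOENT &&` directly after `!pass &&`; whether `<errno.h>` is already included in keydb.c is not visible here. The `strcpy` itself stays in bounds, since the guard ensures a four-byte suffix is replaced by four bytes. keydb_add_resource starts and ends outside this hunk.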
@@ -369,7 +391,7 @@ keydb_add_resource (const char *url, unsigned int flags)
goto leave;
case KEYDB_RESOURCE_TYPE_KEYRING:
- rc = maybe_create_keyring_or_box (filename, create, 0);
+ rc = maybe_create_keyring_or_box (filename, 0, create);
if (rc)
goto leave;
@@ -399,7 +421,7 @@ keydb_add_resource (const char *url, unsigned int flags)
case KEYDB_RESOURCE_TYPE_KEYBOX:
{
- rc = maybe_create_keyring_or_box (filename, create, 1);
+ rc = maybe_create_keyring_or_box (filename, 1, create);
if (rc)
goto leave;
commit a4205d5ed0371e8a7954342658bd63c1924601e3
Author: Werner Koch <wk at gnupg.org>
Date: Thu Sep 18 16:00:34 2014 +0200
doc: Fix --secret-keyring option for 2.1
--
diff --git a/doc/gpg.texi b/doc/gpg.texi
index cee8ace..b8c4ab1 100644
--- a/doc/gpg.texi
+++ b/doc/gpg.texi
@@ -1279,7 +1279,13 @@ use the specified keyring alone, use @option{--keyring} along with
@item --secret-keyring @code{file}
@opindex secret-keyring
+ at ifset gpgtwoone
+This is an obsolete option and ignored. All secret keys are stored in
+the @file{private-keys-v1.d} directory below the GnuPG home directory.
+ at end ifset
+ at ifclear gpgtwoone
Same as @option{--keyring} but for the secret keyrings.
+ at end ifclear
@item --primary-keyring @code{file}
@opindex primary-keyring
-----------------------------------------------------------------------
Summary of changes:
doc/gpg.texi | 6 ++++++
g10/keydb.c | 44 +++++++++++++++++++++++++++++++++-----------
2 files changed, 39 insertions(+), 11 deletions(-)
hooks/post-receive
--
The GNU Privacy Guard
http://git.gnupg.org